5 // Martin Baulig <martin.baulig@xamarin.com>
7 // Copyright (c) 2015 Xamarin, Inc.
9 // Permission is hereby granted, free of charge, to any person obtaining a copy
10 // of this software and associated documentation files (the "Software"), to deal
11 // in the Software without restriction, including without limitation the rights
12 // to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
13 // copies of the Software, and to permit persons to whom the Software is
14 // furnished to do so, subject to the following conditions:
16 // The above copyright notice and this permission notice shall be included in
17 // all copies or substantial portions of the Software.
19 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
20 // IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
21 // FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
22 // AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
23 // LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
24 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
29 #if MONO_SECURITY_ALIAS
30 extern alias MonoSecurity;
33 #if MONO_SECURITY_ALIAS
34 using MonoSecurity::Mono.Security.Interface;
36 using Mono.Security.Interface;
39 using CipherAlgorithmType = System.Security.Authentication.CipherAlgorithmType;
40 using HashAlgorithmType = System.Security.Authentication.HashAlgorithmType;
41 using ExchangeAlgorithmType = System.Security.Authentication.ExchangeAlgorithmType;
46 using System.Net.Security;
47 using System.Security.Authentication;
48 using System.Security.Cryptography.X509Certificates;
49 using System.Security.Permissions;
50 using System.Security.Principal;
51 using System.Security.Cryptography;
53 using System.Threading.Tasks;
55 using MNS = Mono.Net.Security;
57 namespace System.Net.Security
60 * These two are defined by the referencesource; add them here to make
61 * it easy to switch between the two implementations.
// Internal delegate type for validating the remote certificate; it returns bool.
// NOTE(review): two parameter lines (original lines 65 and 67) are missing from
// this listing, so only certificate and sslPolicyErrors are visible here.
// Presumably a true result accepts the certificate, as with the public
// RemoteCertificateValidationCallback; confirm against the callers.
64 internal delegate bool RemoteCertValidationCallback (
66 X509Certificate certificate,
68 SslPolicyErrors sslPolicyErrors);
// Internal delegate type for choosing the local certificate; it returns the
// selected X509Certificate. It receives the candidate local certificates, the
// remote certificate and the issuers the peer accepts.
// NOTE(review): one parameter line (original line 71) is missing from this listing.
70 internal delegate X509Certificate LocalCertSelectionCallback (
72 X509CertificateCollection localCertificates,
73 X509Certificate remoteCertificate,
74 string[] acceptableIssuers);
// Mono's SslStream: a public wrapper that forwards its operations to an
// IMonoSslStream created by a MonoTlsProvider. Handshake, certificate checks
// and record processing are not implemented in this class; they happen behind Impl.
// NOTE(review): this listing is missing many short lines (braces, the impl
// field, some one-line bodies). The comments below describe only what is visible.
76 public class SslStream : AuthenticatedStream, MNS.IMonoSslStream
// Provider that created the underlying stream; assigned in the public constructors.
78 MonoTlsProvider provider;
// Accessor that every forwarding member below goes through.
// Its body is not present in this listing.
81 internal IMonoSslStream Impl {
// Presumably exposes the provider field; its body is not present in this listing.
88 internal MonoTlsProvider Provider {
// Returns the default TLS provider from MonoTlsProviderFactory. Warning 612
// (use of an obsolete member) is suppressed around the call.
95 static MonoTlsProvider GetProvider ()
97 #pragma warning disable 612
98 return MonoTlsProviderFactory.GetDefaultProvider ();
99 #pragma warning restore 612
// Wraps innerStream and closes it on dispose (leaveInnerStreamOpen = false).
102 public SslStream (Stream innerStream)
103 : this (innerStream, false)
// Creates the underlying stream without a settings object, so no per-stream
// validation or selection callback is installed here. Certificate validation
// then depends on the provider's defaults, which are not visible in this file.
107 public SslStream (Stream innerStream, bool leaveInnerStreamOpen)
108 : base (innerStream, leaveInnerStreamOpen)
110 provider = GetProvider ();
111 impl = provider.CreateSslStream (innerStream, leaveInnerStreamOpen);
// Same as the four-argument overload with a null certificate selection callback.
114 public SslStream (Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback)
115 : this (innerStream, leaveInnerStreamOpen, userCertificateValidationCallback, null)
// Copies the default MonoTlsSettings and installs the caller's callbacks after
// converting them with CallbackHelpers.PublicToMono. Either callback may be null
// (the three-argument overload passes null); how PublicToMono treats null is not
// visible here. The validation callback decides whether the remote certificate is
// trusted, so a callback that returns true for every sslPolicyErrors value removes
// peer authentication for this stream.
119 public SslStream (Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback, LocalCertificateSelectionCallback userCertificateSelectionCallback)
120 : base (innerStream, leaveInnerStreamOpen)
122 provider = GetProvider ();
123 var settings = MonoTlsSettings.CopyDefaultSettings ();
124 settings.RemoteCertificateValidationCallback = MNS.Private.CallbackHelpers.PublicToMono (userCertificateValidationCallback);
125 settings.ClientCertificateSelectionCallback = MNS.Private.CallbackHelpers.PublicToMono (userCertificateSelectionCallback);
126 impl = provider.CreateSslStream (innerStream, leaveInnerStreamOpen, settings);
// encryptionPolicy is accepted for API compatibility but is not forwarded: this
// overload chains to the four-argument constructor without it. Callers must not
// rely on the requested EncryptionPolicy being enforced by this class.
129 [MonoLimitation ("encryptionPolicy is ignored")]
130 public SslStream (Stream innerStream, bool leaveInnerStreamOpen, RemoteCertificateValidationCallback userCertificateValidationCallback, LocalCertificateSelectionCallback userCertificateSelectionCallback, EncryptionPolicy encryptionPolicy)
131 : this (innerStream, leaveInnerStreamOpen, userCertificateValidationCallback, userCertificateSelectionCallback)
// Internal constructor taking an existing IMonoSslStream.
// Its body (original lines 137-139) is not present in this listing.
135 internal SslStream (Stream innerStream, bool leaveInnerStreamOpen, IMonoSslStream impl)
136 : base (innerStream, leaveInnerStreamOpen)
// Client handshake, forwarded to Impl. This overload passes no protocol set,
// client certificates or revocation flag; the defaults are chosen by Impl.
141 public virtual void AuthenticateAsClient (string targetHost)
143 Impl.AuthenticateAsClient (targetHost);
// Client handshake with explicit options. enabledSslProtocols and
// checkCertificateRevocation are forwarded unchanged; this wrapper does not
// filter out legacy protocol versions, so that is left to the caller or to Impl.
146 public virtual void AuthenticateAsClient (string targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
148 Impl.AuthenticateAsClient (targetHost, clientCertificates, enabledSslProtocols, checkCertificateRevocation);
// Begin/End form of AuthenticateAsClient (targetHost); forwarded to Impl.
151 // [HostProtection (ExternalThreading=true)]
152 public virtual IAsyncResult BeginAuthenticateAsClient (string targetHost, AsyncCallback asyncCallback, object asyncState)
154 return Impl.BeginAuthenticateAsClient (targetHost, asyncCallback, asyncState);
// Begin/End form of the four-argument AuthenticateAsClient; all arguments are forwarded unchanged.
157 // [HostProtection (ExternalThreading=true)]
158 public virtual IAsyncResult BeginAuthenticateAsClient (string targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState)
160 return Impl.BeginAuthenticateAsClient (targetHost, clientCertificates, enabledSslProtocols, checkCertificateRevocation, asyncCallback, asyncState);
// Completes a BeginAuthenticateAsClient call; forwarded to Impl.
163 public virtual void EndAuthenticateAsClient (IAsyncResult asyncResult)
165 Impl.EndAuthenticateAsClient (asyncResult);
// Server handshake with serverCertificate, forwarded to Impl. This overload
// does not pass clientCertificateRequired; the default is chosen by Impl.
168 public virtual void AuthenticateAsServer (X509Certificate serverCertificate)
170 Impl.AuthenticateAsServer (serverCertificate);
// Server handshake with explicit options. clientCertificateRequired,
// enabledSslProtocols and checkCertificateRevocation are forwarded unchanged.
173 public virtual void AuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
175 Impl.AuthenticateAsServer (serverCertificate, clientCertificateRequired, enabledSslProtocols, checkCertificateRevocation);
// Begin/End form of AuthenticateAsServer (serverCertificate); forwarded to Impl.
178 // [HostProtection (ExternalThreading=true)]
179 public virtual IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, AsyncCallback asyncCallback, object asyncState)
181 return Impl.BeginAuthenticateAsServer (serverCertificate, asyncCallback, asyncState);
// Begin/End form of the four-argument AuthenticateAsServer; all arguments are forwarded unchanged.
184 public virtual IAsyncResult BeginAuthenticateAsServer (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation, AsyncCallback asyncCallback, object asyncState)
186 return Impl.BeginAuthenticateAsServer (serverCertificate, clientCertificateRequired, enabledSslProtocols, checkCertificateRevocation, asyncCallback, asyncState);
// Completes a BeginAuthenticateAsServer call; forwarded to Impl.
189 public virtual void EndAuthenticateAsServer (IAsyncResult asyncResult)
191 Impl.EndAuthenticateAsServer (asyncResult);
// Not supported: the only visible statement throws NotSupportedException, so code
// that needs a TransportContext (for example to obtain a channel binding) cannot
// get one from this implementation.
194 public TransportContext TransportContext {
196 throw new NotSupportedException();
// Task-returning variants of the handshake methods; each returns the Task produced by Impl.
200 // [HostProtection (ExternalThreading=true)]
201 public virtual Task AuthenticateAsClientAsync (string targetHost)
203 return Impl.AuthenticateAsClientAsync (targetHost);
206 public virtual Task AuthenticateAsClientAsync (string targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
208 return Impl.AuthenticateAsClientAsync (targetHost, clientCertificates, enabledSslProtocols, checkCertificateRevocation);
211 public virtual Task AuthenticateAsServerAsync (X509Certificate serverCertificate)
213 return Impl.AuthenticateAsServerAsync (serverCertificate);
216 public virtual Task AuthenticateAsServerAsync (X509Certificate serverCertificate, bool clientCertificateRequired, SslProtocols enabledSslProtocols, bool checkCertificateRevocation)
218 return Impl.AuthenticateAsServerAsync (serverCertificate, clientCertificateRequired, enabledSslProtocols, checkCertificateRevocation);
// Connection state flags. Each getter returns the value reported by Impl;
// this class keeps no state of its own for them.
221 public override bool IsAuthenticated {
222 get { return Impl.IsAuthenticated; }
225 public override bool IsMutuallyAuthenticated {
226 get { return Impl.IsMutuallyAuthenticated; }
229 public override bool IsEncrypted {
230 get { return Impl.IsEncrypted; }
233 public override bool IsSigned {
234 get { return Impl.IsSigned; }
237 public override bool IsServer {
238 get { return Impl.IsServer; }
// Protocol reported by Impl, cast to System.Security.Authentication.SslProtocols.
241 public virtual SslProtocols SslProtocol {
242 get { return (SslProtocols)Impl.SslProtocol; }
// Whether revocation checking is in effect, as reported by Impl.
245 public virtual bool CheckCertRevocationStatus {
246 get { return Impl.CheckCertRevocationStatus; }
// Explicit IMonoSslStream member; forwards to Impl.InternalLocalCertificate.
249 X509Certificate MNS.IMonoSslStream.InternalLocalCertificate {
250 get { return Impl.InternalLocalCertificate; }
// Local and remote certificates as reported by Impl.
253 public virtual X509Certificate LocalCertificate {
254 get { return Impl.LocalCertificate; }
257 public virtual X509Certificate RemoteCertificate {
258 get { return Impl.RemoteCertificate; }
// Negotiated algorithm details. The enum-typed values are cast from Impl's
// values to the System.Security.Authentication types aliased at the top of the file.
261 public virtual CipherAlgorithmType CipherAlgorithm {
262 get { return (CipherAlgorithmType)Impl.CipherAlgorithm; }
265 public virtual int CipherStrength {
266 get { return Impl.CipherStrength; }
269 public virtual HashAlgorithmType HashAlgorithm {
270 get { return (HashAlgorithmType)Impl.HashAlgorithm; }
273 public virtual int HashStrength {
274 get { return Impl.HashStrength; }
277 public virtual ExchangeAlgorithmType KeyExchangeAlgorithm {
278 get { return (ExchangeAlgorithmType)Impl.KeyExchangeAlgorithm; }
281 public virtual int KeyExchangeStrength {
282 get { return Impl.KeyExchangeStrength; }
// Stream capabilities. Seeking is never supported; the rest is reported by Impl.
285 public override bool CanSeek {
286 get { return false; }
289 public override bool CanRead {
290 get { return Impl.CanRead; }
293 public override bool CanTimeout {
294 get { return Impl.CanTimeout; }
297 public override bool CanWrite {
298 get { return Impl.CanWrite; }
// Timeouts are read from and written to Impl.
301 public override int ReadTimeout {
302 get { return Impl.ReadTimeout; }
303 set { Impl.ReadTimeout = value; }
306 public override int WriteTimeout {
307 get { return Impl.WriteTimeout; }
308 set { Impl.WriteTimeout = value; }
311 public override long Length {
312 get { return Impl.Length; }
// The getter forwards to Impl. The throw below is presumably the setter body
// (original line 317 is missing from this listing).
315 public override long Position {
316 get { return Impl.Position; }
318 throw new NotSupportedException (SR.GetString (SR.net_noseek));
// Forwarded to Impl.
322 public override void SetLength (long value)
324 Impl.SetLength (value);
// Always throws NotSupportedException, matching CanSeek == false.
327 public override long Seek (long offset, SeekOrigin origin)
329 throw new NotSupportedException (SR.GetString (SR.net_noseek));
// Body is not present in this listing.
332 public override void Flush ()
// Throws ObjectDisposedException ("SslStream"); the condition guarding the
// throw (original lines 338-339) is not present in this listing.
337 void CheckDisposed ()
340 throw new ObjectDisposedException ("SslStream");
// Uses the impl field directly rather than the Impl accessor. The body of the
// if block and the lines around base.Dispose are missing from this listing.
343 protected override void Dispose (bool disposing)
346 if (impl != null && disposing) {
351 base.Dispose (disposing);
// Reads from the stream; buffer, offset and count are forwarded to Impl unchanged.
355 public override int Read (byte[] buffer, int offset, int count)
357 return Impl.Read (buffer, offset, count);
// Body is not present in this listing.
360 public void Write (byte[] buffer)
// Writes to the stream; buffer, offset and count are forwarded to Impl unchanged.
365 public override void Write (byte[] buffer, int offset, int count)
367 Impl.Write (buffer, offset, count);
// Begin/End read and write; forwarded to Impl.
370 // [HostProtection (ExternalThreading=true)]
371 public override IAsyncResult BeginRead (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState)
373 return Impl.BeginRead (buffer, offset, count, asyncCallback, asyncState);
376 public override int EndRead (IAsyncResult asyncResult)
378 return Impl.EndRead (asyncResult);
381 // [HostProtection (ExternalThreading=true)]
382 public override IAsyncResult BeginWrite (byte[] buffer, int offset, int count, AsyncCallback asyncCallback, object asyncState)
384 return Impl.BeginWrite (buffer, offset, count, asyncCallback, asyncState);
387 public override void EndWrite (IAsyncResult asyncResult)
389 Impl.EndWrite (asyncResult);
// Explicit IMonoSslStream member; its body is not present in this listing.
392 AuthenticatedStream MNS.IMonoSslStream.AuthenticatedStream {
// Explicit IMonoSslStream member; returns the provider field directly, without going through Impl.
396 MonoTlsProvider MNS.IMonoSslStream.Provider {
397 get { return provider; }
// Explicit IMonoSslStream member; returns the MonoTlsConnectionInfo supplied by Impl.
400 MonoTlsConnectionInfo MNS.IMonoSslStream.GetConnectionInfo ()
402 return Impl.GetConnectionInfo ();
406 #else // !SECURITY_DEP
407 namespace System.Net.Security
409 public class SslStream